1、配置ssh免密登录 两台: 10-1-1-161 10-1-1-8 要实现10.1.1.161 免密登录 10.1.1.8 一键产生非交互的密钥对 [root@oracledb ~]# ssh-keygen -t rsa -f /root/.ssh/id_rsa -P "" Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:5hsmlVOgHKM8E0vmJ/Thc97k4ukaxUGK/8ZUs1V7vQE root@host-10-1-1-8 The key's randomart image is: +---[RSA 2048]----+ | = + o E. | | * O B . ....| | X O o = . ..o| | * = O + .o| | . S + . | | X + | | o X | | * o | | ..o | +----[SHA256]-----+ [root@host-10-1-1-8 ssh]# ls /root/.ssh/ id_rsa id_rsa.pub 将公钥(id_rsa.pub)拷贝到10.1.1.8的机器上: [root@host-10-1-1-161 .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.1.1.8 本机也要操作: cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys 2、报错解决: 2.1、ssh拷贝秘钥报错解决: 报出下面错误,各种方法都试过,都不管用,后来发现 /root/.ssh 目录下多了一个文件 config 删除即可,请看下面操作: unix_listener: cannot bind to path: /root/.ssh/sockets/root@192.168.0.92-22.Lh6rQMayvvRFfued [root@test1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.92 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.0.92's password: bind: No such file or directory unix_listener: cannot bind to path: /root/.ssh/sockets/root@192.168.0.92-22.Lh6rQMayvvRFfued [root@test1 ~]# cd /root/.ssh [root@test1 .ssh]# [root@test1 .ssh]# ls authorized_keys config id_rsa id_rsa.pub known_hosts [root@test1 .ssh]# [root@test1 .ssh]# rm -rf config [root@test1 .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.92 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.0.92's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.0.92'" and check to make sure that only the key(s) you wanted were added. 拷贝秘钥成功 参照文档ansible篇: https://www.cnblogs.com/effortsing/p/10012079.html